code based post quantum cryptography
play

Code-Based Post-Quantum Cryptography Wijik Lee 1 , Young-Sik Kim 2 , - PowerPoint PPT Presentation

Jul 26, 2023 •144 likes •565 views

Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 1 / 41 Code-Based Post-Quantum Cryptography Wijik Lee 1 , Young-Sik Kim 2 , and Jong-Seon No 1 1 Department of ECE, INMC, Seoul National University, Seoul, Korea 2 Chosun

  1. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 1 / 41 Code-Based Post-Quantum Cryptography Wijik Lee 1 , Young-Sik Kim 2 , and Jong-Seon No 1 1 Department of ECE, INMC, Seoul National University, Seoul, Korea 2 Chosun University, Gwangju, Korea September 07, 2017 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  2. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 2 / 41 Outline Introduction 1 Code-Based Post-Quantum Cryptography 2 Variants of Code-Based Post-Quantum Cryptography 3 Security of Code-Based Post-Quantum Cryptography 4 Conclusions 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  3. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 3 / 41 Introduction Outline Introduction 1 Code-Based Post-Quantum Cryptography 2 Variants of Code-Based Post-Quantum Cryptography 3 Security of Code-Based Post-Quantum Cryptography 4 Conclusions 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  4. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 4 / 41 Introduction Quantum Computers Practical large quantum computers are just around the corner, which are developed by government(NSA), EU, and large companies (Google, IBM). A 50 qubit quantum computer can do computation in 2 50 states at one time. (almost same as supercomputer) Recently, a 22 qubit quantum computer has been developed by Google. It is known that it can solve many hard problems for cryptography. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  5. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 5 / 41 Introduction After Quantum Computers Google says that quantum computer is expected to be used within 10 to 20 years from now. In quantum computer, Factoring is easy (Shor’s algorithm). Some researcher in Google says that 1024 bit RSA will be broken by quantum computer in 10 years (2027). Search is also easy (Grover’s algorithm). Can search 2 n elements in time 2 n/ 2 . After quantum computer, conventional cryptosystems are all dead. RSA, DSA, ECDSA ECC, HECC etc. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  6. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 6 / 41 Introduction Post-Quantum Cryptography In general, cryptosystem is a mathematical algorithm. Quantum cryptography uses physical techniques instead of mathematical algorithm (function). Recently, one of quantum cryptography is implemented for a secret key distribution algorithm (quantum key distribution, QKD). Quantum cryptography needs direct connection between the quantum cryptography hardwares via optical fiber and satellite. Quantum cryptosystem generates kB of keystream per second on special hardware costing $50,000. Conventional cryptosystem generates GB of keystream per second on a $200 CPU. Post-quantum cryptography(PQC) is different from quantum cryptography. PQC is a mathematical algorithm, which is robust from quantum computer (quantum-resistant). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  7. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 7 / 41 Introduction Post-Quantum Cryptography Types of post-quantum cryptography Code-based cryptography 1978 McEliece; hidden Goppa-code public-key encryption system. Hash-based cryptography 1979 Merkle; hash-tree public-key signature system. Multivariate-quadratic equation cryptography 1996 Patarin; “HFEV-” public key signature system. Lattice-based cryptography 1998 “NTRU” 1996 “SIS” (SVP) 2005 “LWE” (CVP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  8. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 8 / 41 Introduction Call for Proposal for Post-Quantum Cryptosystems NIST announced Call for Proposal for post-quantum cryptosystems on August 2016. Deadline for proposals; November 2017 In the following three areas: Encryption Algorithm 1 Digital Signature Algorithm 2 Key Encapsulation Mechanism (KEM) 3 First selection of the proposals for evaluation on March 2018. Popular PQCs Lattice-based post-quantum cryptography Code-based post-quantum cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  9. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 9 / 41 Introduction Code-Based Post-Quantum Cryptosystem Code-based cryptosystem is one of the well-known post-quantum cryptosystems by McEliece (1978). G ′ = SGP , G : generator matrix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  10. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 10 / 41 Introduction Code-Based Post-Quantum Cryptosystem Encryption Generator matrix G ′ = SGP c = mG ′ + e Decryption cP − 1 = mSG + eP − 1 mS is obtained by decoding. mSS − 1 = m There are many variant versions of code-based cryptosystem. We proposed the modification methods for the McEliece cryptosystems based on the punctured RM codes (Sidelnikov). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  11. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 11 / 41 Introduction Lattice-Based Post-Quantum Cryptosystem Features of Lattice-Based Cryptography Based on NP-hard problem SVP (shortest vector problem) CVP (closest vector problem) Seemingly very different assumptions from factoring, discrete log, and elliptic curves. Simple descriptions and implementations. Very parallelizable. Seems to resist quantum attacks. Security based on worst-case problems. Great Advantages Very strong security proofs. The schemes are fairly simple. Relatively efficient. Major Drawback Schemes have very large key size. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  12. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 12 / 41 Code-Based Post-Quantum Cryptography Outline Introduction 1 Code-Based Post-Quantum Cryptography 2 Variants of Code-Based Post-Quantum Cryptography 3 Security of Code-Based Post-Quantum Cryptography 4 Conclusions 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  13. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 13 / 41 Code-Based Post-Quantum Cryptography Code-Based Post-Quantum Cryptography Code-based post-quantum cryptosystems McEliece cryptosystem by generator matrix of Goppa code, 1978 Niederreiter cryptosystem by parity check matrix of Goppa code, 1986 Code-based signature scheme CFS signature scheme (Courtois, Finiasz, Sendrier, 2001) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  14. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 14 / 41 Code-Based Post-Quantum Cryptography McEliece Cryptosystem In 1978, McEliece introduced a public key cryptosystem based on error correcting codes. The cracking problem for McEliece cryptosystem is the problem of syndrome decoding. Syndrome decoding problem Given parity check matrix H and syndrome s , find the minimum Hamming weight e , such that He T = s . The problem of syndrome decoding is proven to be NP-hard. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

  15. Mathematical Methods for Cryptography 2017, Svolvaer, Lofoten, Norway 15 / 41 Code-Based Post-Quantum Cryptography Goppa Code Goppa code is a special case of alternant code. Definition. Alternant code A q -ary alternant code of order r associated with x = ( x 1 , · · · , x n ) ∈ F n q m q m ) n is defined as where all x i ’s are distinct and y = ( y 1 , · · · , y n ) ∈ ( F ∗ q | V r ( x , y ) c T = 0 } , A r ( x , y ) = { c ∈ F n where   y 1 · · · y n y 1 x 1 · · · y n x n   V r ( x , y ) = . .   . .   . .   y 1 x r − 1 y n x r − 1 · · · 1 n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . September 07, 2017 Seoul National Univ., Seoul, Korea

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

Basics on Public Key Crypto Systems Research Directions in Post-Quantum Cryptography Variants of McEliece System Distinguisher Attacks McEliece for Rank Metric Codes An Overview on Post-Quantum Cryptography with an Emphasis on Code based

1.05k views • 100 slides
Code-based Cryptography ECRYPT-CSA Executive School on Post-Quantum Cryptography 2017 TU

Code-based Cryptography ECRYPT-CSA Executive School on Post-Quantum Cryptography 2017 TU

Code-based Cryptography ECRYPT-CSA Executive School on Post-Quantum Cryptography 2017 TU Eindhoven Nicolas Sendrier Linear Codes for Telecommunication linear expansion data codeword k n > k noisy channel noisy

783 views • 52 slides
Code-based Cryptography PQCRYPTO Summer School on Post-Quantum Cryptography 2017 TU

Code-based Cryptography PQCRYPTO Summer School on Post-Quantum Cryptography 2017 TU

Code-based Cryptography PQCRYPTO Summer School on Post-Quantum Cryptography 2017 TU Eindhoven Nicolas Sendrier Linear Codes for Telecommunication linear expansion data codeword k n > k noisy channel noisy codeword

916 views • 74 slides
Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers can break public-key cryptography that is based on assuming hardness of factoring, discrete logs, and a few other problems I Post-quantum

2.98k views • 37 slides
Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

R. van der Gaag, D. Weller Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why think about post-quantum cryptography W. Buchanan et. al concluded Gate-based quantum computers pose a significant

349 views • 18 slides
Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About Cryptographic Standards History of post-quantum cryptography 2003 Daniel J. Bernstein introduces term Post-quantum cryptography. PQCrypto 2006:

623 views • 23 slides
Rings and Modules for Identity-Based Post-Quantum Public-Key Cryptography BASED ON THE PAPER

Rings and Modules for Identity-Based Post-Quantum Public-Key Cryptography BASED ON THE PAPER

Rings and Modules for Identity-Based Post-Quantum Public-Key Cryptography BASED ON THE PAPER EPRINT.IACR.ORG/2014/794 BY DUCAS, LYUBASHEVSKY, AND PREST 2016-09-21, Royal Holloway, Egham OFFICIAL Public Key Cryptography (PKC) Also called

403 views • 26 slides
Code-Based Cryptography for FPGAs Dr. Ruben Niederhagen, February 8, 2018 Introduction Global

Code-Based Cryptography for FPGAs Dr. Ruben Niederhagen, February 8, 2018 Introduction Global

Code-Based Cryptography for FPGAs Dr. Ruben Niederhagen, February 8, 2018 Introduction Global Map public-key cryptography classic post-quantum lattice code multivariate hash isogenies . . . McEliece Niederreiter . . . GRS codes

1.04k views • 73 slides
Tweaking Code-Based Cryptography for Embedded Systems DIMACS Workshop on The Mathematics of

Tweaking Code-Based Cryptography for Embedded Systems DIMACS Workshop on The Mathematics of

Tweaking Code-Based Cryptography for Embedded Systems DIMACS Workshop on The Mathematics of Post-Quantum Cryptography Tim Gneysu, Ingo von Maurich 1/12/2015 Horst Grtz Institute for IT-Security, Ruhr-Universitt Bochum, Germany Motivation

920 views • 70 slides
Code-Based Cryptography Tanja Lange with some slides by Tung Chou and Christiane Peters

Code-Based Cryptography Tanja Lange with some slides by Tung Chou and Christiane Peters

Code-Based Cryptography Tanja Lange with some slides by Tung Chou and Christiane Peters Technische Universiteit Eindhoven Executive School on Post-Quantum Cryptography 02 July 2019 Error correction Digital media is exposed to memory

1.83k views • 96 slides
Code-Based Cryptography Tanja Lange with some slides by Tung Chou and Christiane Peters

Code-Based Cryptography Tanja Lange with some slides by Tung Chou and Christiane Peters

Code-Based Cryptography Tanja Lange with some slides by Tung Chou and Christiane Peters Technische Universiteit Eindhoven Post-Quantum Cryptography Winter School 23 February 2016 Error correction Digital media is exposed to memory

519 views • 38 slides
2 1 Joppe W. Bos and Simon Friedberger Why these strange primes? 2 Quantum

2 1 Joppe W. Bos and Simon Friedberger Why these strange primes? 2 Quantum

Fast Arithmetic Modulo 2 1 Joppe W. Bos and Simon Friedberger Why these strange primes? 2 Quantum computers NIST call for PQC standards [1] [2] Post-Quantum Cryptography 3 Lattice-based Code-based MQ-based

524 views • 25 slides
SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design Methodologies Farnoud Farahmand, Duc Tri Nguyen, Viet B. Dang*, Ahmed Ferozpuri and Kris Gaj George Mason University Post st-Quantum Quantum

441 views • 14 slides
code-based cryptography Marco Baldi Universit Politecnica delle Marche Ancona, Italy

code-based cryptography Marco Baldi Universit Politecnica delle Marche Ancona, Italy

DIMACS Workshop on The Mathematics of Post-Quantum Cryptography Rutgers University January 12 - 16, 2015 Constructive aspects of code-based cryptography Marco Baldi Universit Politecnica delle Marche Ancona, Italy m.baldi@univpm.it

999 views • 63 slides
Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information: Using microscopic physical state of quantum systems (spin of atoms/sub-atomic particles, polarization of photons etc.) to encode information

1.95k views • 154 slides
From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren

From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren

Quantum computers and factoring Learning with errors Cryptography from LWE From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren frederik.vercauteren@gmail.com Open Security Research (China) ESAT/COSIC - KU Leuven

1.34k views • 70 slides
A distinguisher for high-rate McEliece Cryptosystems J.C. Faug` ere (INRIA, SALSA project),

A distinguisher for high-rate McEliece Cryptosystems J.C. Faug` ere (INRIA, SALSA project),

A distinguisher for high-rate McEliece Cryptosystems J.C. Faug` ere (INRIA, SALSA project), Val erie Gauthier (Math. dep. Tech. Univ. of Denmark), A. Otmani (Universit e Caen- INRIA, SECRET project), L. Perret (INRIA, SALSA project),

734 views • 35 slides
Words of Minimal Weight and Weight Distribution in Binary Goppa Codes Matthieu Finiasz ISIT 2003

Words of Minimal Weight and Weight Distribution in Binary Goppa Codes Matthieu Finiasz ISIT 2003

Words of Minimal Weight and Weight Distribution in Binary Goppa Codes Matthieu Finiasz ISIT 2003 Yokohama Binary Goppa Codes Introduction Used for cryptography ( McEliece cryptosystem) Indistinguishable from a random linear code

138 views • 11 slides
Feedback shift register based stream ciphers Thomas Johansson, Lund University, Lund, Sweden

Feedback shift register based stream ciphers Thomas Johansson, Lund University, Lund, Sweden

Feedback shift register based stream ciphers Thomas Johansson, Lund University, Lund, Sweden 5/15/2007 1 CONTENTS Efficient encryption and possible solutions Stream ciphers Basic security analysis of stream ciphers LFSR sequences Design

497 views • 45 slides
Limits of Rauzy graphs of low-complexity words Blair Drummond August 7, 2019 University of

Limits of Rauzy graphs of low-complexity words Blair Drummond August 7, 2019 University of

Limits of Rauzy graphs of low-complexity words Blair Drummond August 7, 2019 University of Ottawa The Benjamini-Schramm limit Limits of finite graphs The aim of the thesis is to show the convergence properties of particular sequences of

1.54k views • 65 slides
Cryptosystems That Resist Quantum Fourier Sampling Attacks Hang Dinh Indiana University South

Cryptosystems That Resist Quantum Fourier Sampling Attacks Hang Dinh Indiana University South

McEliece and Niederreiter Cryptosystems That Resist Quantum Fourier Sampling Attacks Hang Dinh Indiana University South Bend joint work with Cristopher Moore Alexander Russell University of New Mexico University of Connecticut Post-quantum

401 views • 18 slides
Efficiency and Implementation Security of Code-based Cryptosystems PhD Thesis by Falko Strenzke

Efficiency and Implementation Security of Code-based Cryptosystems PhD Thesis by Falko Strenzke

Efficiency and Implementation Security of Code-based Cryptosystems PhD Thesis by Falko Strenzke Falko Strenzke Cryptography and Computeralgebra, Department of Computer Science, Technische Universit at Darmstadt, Germany,

1.73k views • 160 slides
Towards One Cycle per Bit Asymmetric Encryption: Code-Based Cryptography on Reconfigurable

Towards One Cycle per Bit Asymmetric Encryption: Code-Based Cryptography on Reconfigurable

Towards One Cycle per Bit Asymmetric Encryption: Code-Based Cryptography on Reconfigurable Hardware Stefan Heyse, Tim Gneysu Towards One Cycle per Bit Asymmetric Encryption: Code-Based Cryptography on Reconfigurable Hardware Stefan Heyse, Tim

590 views • 22 slides
Cryptanalysis of a variant of the McEliece encryption scheme Julien Lavauzelle IRMAR,

Cryptanalysis of a variant of the McEliece encryption scheme Julien Lavauzelle IRMAR,

Cryptanalysis of a variant of the McEliece encryption scheme Julien Lavauzelle IRMAR, Universit de Rennes 1 Journes Nationales de Calcul Formel 2020 03/03/2020 Outline 1. McEliece cryptosystem and variants 2. Attack on the ReedSolomon

782 views • 52 slides

More recommend